Lucene search
K

483 matches found

Cvelist
Cvelist
added 2025/06/26 12:0 a.m.10 views

CVE-2024-56915

Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting XSS via the RSS feed widget...

0.00386EPSS
Exploits1References3
NVD
NVD
added 2025/06/24 8:15 p.m.11 views

CVE-2024-56917

Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...

7.1CVSS0.0033EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/06/24 6:26 p.m.7 views

CVE-2024-56916

A cross-site scripting flaw was found in Netbox. An attacker with an authenticated account on the system can add malicious Javascript code to a banner field and potentially execute this code in the context of another user's session. Mitigation Mitigation for this issue is either not available or...

6.1CVSS6.4AI score0.00272EPSS
Exploits1References2
NVD
NVD
added 2025/06/24 6:15 p.m.5 views

CVE-2024-56916

In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...

6.1CVSS0.00272EPSS
Exploits1References3
NVD
NVD
added 2025/06/24 5:15 p.m.5 views

CVE-2024-56918

In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...

6.1CVSS0.00281EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/06/24 5:15 p.m.6 views

CVE-2024-56918

A Cross-site scripting flaw was found in Netbox. This flaw allows an attacker with an account on the system to exfiltrate user data from the login form. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteri...

6.1CVSS6.6AI score0.00281EPSS
Exploits1References2
OSV
OSV
added 2025/06/24 12:0 a.m.8 views

CVE-2024-56918

In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...

6.1CVSS6.2AI score0.00281EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/06/24 12:0 a.m.6 views

PT-2025-26771 · Unknown · Netbox Community

Name of the Vulnerable Software and Affected Versions: Netbox Community version 4.1.7 Description: The issue is related to Cross Site Scripting XSS via the maintenance banner in maintenance mode. This allows for potential malicious script execution. No information is provided about the estimated...

7.1CVSS5.7AI score0.0033EPSS
Exploits1References8
Cvelist
Cvelist
added 2025/06/24 12:0 a.m.9 views

CVE-2024-56916

In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...

0.00272EPSS
Exploits1References3
OSV
OSV
added 2025/06/24 12:0 a.m.8 views

CVE-2024-56916

In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...

6.1CVSS5.2AI score0.00272EPSS
Exploits1References5
OSV
OSV
added 2025/06/24 12:0 a.m.9 views

CVE-2024-56917

Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...

7.1CVSS6.2AI score0.0033EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/24 12:0 a.m.11 views

CVE-2024-56918

In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...

0.00281EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/06/24 12:0 a.m.5 views

CVE-2024-56918

In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...

6.2AI score0.00281EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.6 views

Netbox 安全漏洞

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from NetBox Community. A security vulnerability exists in Netbox Community version 4.1.7, which stems from unfiltered user input in the current value field in Configuration...

6.1CVSS5.9AI score0.00272EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/06/24 12:0 a.m.9 views

CVE-2024-56917

Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...

6.2AI score0.0033EPSS
Exploits1References3
CVE
CVE
added 2025/06/24 12:0 a.m.25 views

CVE-2024-56916

CVE-2024-56916 (NetBox Community 4.1.7) is a cross-site scripting (XSS) vulnerability in the Configuration History > Add feature, caused by the current value field rendering user-supplied HTML. An authenticated attacker can inject malicious JavaScript into the banner field, and the payload tri...

6.1CVSS5.3AI score0.00272EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/24 12:0 a.m.5 views

CVE-2024-56916

In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...

5.3AI score0.00272EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/06/24 12:0 a.m.10 views

PT-2025-26761 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: Netbox Community version 4.1.7 Description: In Netbox Community, once authenticated, the Configuration History Add option is vulnerable to cross-site scripting XSS due to the current value field rendering user-supplied HTML. An authenticated...

6.1CVSS4.9AI score0.00272EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.4 views

Netbox 安全漏洞

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in Netbox version 4.1.7, which stems from a flaw in the login page that could lead to a cross-site scripting attack...

6.1CVSS5.9AI score0.00281EPSS
Exploits1References4
CVE
CVE
added 2025/06/24 12:0 a.m.23 views

CVE-2024-56918

CVE-2024-56918 affects Netbox Community 4.1.7, with a login-page cross-site scripting (XSS) vulnerability that can exfiltrate privileged, authenticated user input from the login form. The documents do not provide concrete exploit details or a confirmed patch version. Some entries reference mitiga...

6.1CVSS6.2AI score0.00281EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder